TrendMicro Honeypot

A recent research paper about an ICS honeypot is great in several ways:

  1. It shows how easy it is to set up a fake company. These ‘companies’ can then be used for fraud and phishing (terminal spoofing for example) but also for malware distribution.
  2. You learn which vulnerabilities attract attackers.
  3. It describes perfectly how hackers exploit an exposed OT network.
  4. The impact of a hack becomes clear. Your OT network becomes compromised, causing discontinuation of business.

The researchers make use of common design errors and configuration mistakes (vulnerabilities). The OT network design is incorrect, leaving your critical network connected to the internet. If you allow remote access, make sure that the appropriate security controls are in place and that they are effective. Information like P&IDs and network topologies is business confidential and must therefore not be shared through file shares like Dropbox or sent to generic mailboxes. Information like this is gold in the hands of adversaries.

Contact us, we will be happy to explain how we can protect your IACS.

Read more about the research on the researchers' website